TidBITS#1228/23-Jun-2014
========================
Issue link:
In this far-reaching issue of TidBITS, we cover a pair of
announcements: Amazon’s long-rumored Fire Phone, with a 3D interface
and streamlined shopping, and Apple’s new entry-level iMac, which
trades significant power for its lower price. The second- and
third-generation Apple TVs don’t support iTunes Extras, but Agen
Schmitz shows you how to watch them on Apple’s streaming set-top
boxes. Yahoo and AOL have taken drastic new measures to enhance
security, but at the cost of breaking mailing lists and email
forwarding — Adam Engst explains the highly technical details. In Take
Control news this week, Charles Edge looks at enabling file sharing in
“Take Control of OS X Server,” and we’re particularly pleased to
publish Glenn Fleishman’s new “Take Control of Your Apple Wi-Fi
Network” to answer all your wireless networking questions. Don’t miss
the 70% discount on Live Interior 3D in this week’s DealBITS drawing,
and if you’re fluent in Dutch or Japanese, we could use some
translation help! Finally, in FunBITS, Josh Centers strolls down
memory lane with SimCity 4: Deluxe Edition for Mac, an updated edition
of the classic city simulator for modern Macs. Notable software
releases this week include LaunchBar 6.0.1, Carbon Copy Cloner 3.5.5,
OmniFocus 2.0.1, and Typinator 6.0.
Articles
Apple Introduces Entry-Level iMac for $1,099
Amazon Announces Fire Phone to Heat Up Mobile
“Take Control of Your Apple Wi-Fi Network” Answers Wi-Fi Questions
DealBITS Discount: Save 70% on Live Interior 3D
Chapter 6 of “Take Control of OS X Server” Now Available
New Dutch and Japanese Translators Wanted!
Solving the iTunes Extras Streaming Conundrum
Yahoo and AOL Damage Mailing Lists and Email Forwarding
FunBITS: SimCity 4 Returns to the Mac
TidBITS Watchlist: Notable Software Updates for 23 June 2014
ExtraBITS for 23 June 2014
------------ This issue of TidBITS sponsored in part by: --------------
* READERS LIKE YOU! Support TidBITS by becoming a member today!
Check out the perks at
Special thanks this week to Charles Bjorgen, Patrick Linehan, Ralph
Love, and Paul Riggs for their generous support!
* CrashPlan is easy, secure backup that works everywhere. Back up
to your own drives, friends, and online with unlimited storage.
With 30 days free, backing up is one resolution you can keep.
Your life is digital; back it up!
* Updated! PDFpen for iPad 1.7: Designed for iOS 7, faster, and
better-looking. Edit your PDFs anywhere. Sign contracts, make
changes, fill forms, and more. All while you’re on the move.
Syncs via iCloud and Dropbox.
* Fujitsu ScanSnap Scanners — Save your business time and money
with our easy-to-use small ScanSnap Scanner line. Eliminate
paper piles by scanning documents, business cards, and receipts.
Visit us at:
---------- Help support TidBITS by supporting our sponsors ------------
Apple Introduces Entry-Level iMac for $1,099
--------------------------------------------
by Josh Centers: , @jcenters
article link:
5 comments
Apple has announced a new entry-level iMac starting at $1,099, which
is $200 cheaper than the existing 21.5-inch iMac model. This new
iMac features a 21.5-inch screen, a 1.4 GHz dual-core Intel Core i5
processor (up to 2.7 GHz with Turbo Boost) with 3 MB shared L3
cache, 8 GB of RAM, a 500 GB hard drive, and Intel HD Graphics 5000.
It also sports two Thunderbolt ports, four USB 3.0 ports, and
802.11ac Wi-Fi. The RAM is not expandable, and the only
build-to-order options are a 1 TB hard drive ($50), a 1 TB Fusion
Drive ($250), and 256 GB of flash storage ($250).
In terms of tech specs, the new iMac is a big step down from the
$1,299 21.5-inch iMac, which instead offers a significantly faster
2.7 GHz quad-core Intel Core i5 processor (up to 3.2 GHz with Turbo
Boost) with 4 MB L3 cache, 8 GB of RAM (expandable to 16 GB), a 1 TB
hard drive, and Intel Iris Pro graphics. The $1,299 model also
offers a 1 TB Fusion Drive ($200), 256 GB of flash storage ($200),
and 512 GB of flash storage ($500) as build-to-order options.
If you can spare the extra $200, the $1,299 model is a distinctly
better machine, though it’s nice to see Apple making Macs more
affordable for situations where performance may not important, such
as kiosks and public access computers.
----
read/post comments:
tweet this article:
Amazon Announces Fire Phone to Heat Up Mobile
---------------------------------------------
by Josh Centers: , @jcenters
article link:
1 comment
The long-rumored Amazon phone is closing in on reality. Dubbed the
Amazon Fire Phone, it will be available on 25 July 2014, but is
available for pre-order now. It is exclusive to AT&T, and the 32 GB
model costs $199 with a two-year contract, or $649 without a
contract. There is also a 64 GB version available for $100 more.
As always, Amazon is offering powerful incentives. In this case, the
Fire Phone comes with a free year of Amazon Prime, which grants free
two-day shipping on thousands of items, plus free streaming of
select TV shows and movies, free book borrowing, and ad-free
streaming of over a million songs (a $99 value). In addition, the
Fire Phone offers unlimited cloud storage for every photo you take
with the device (Amazon’s standard Cloud Drive pricing is $0.50 per
gigabyte per year).
The technical specs are impressive: a 2.2 GHz quad-core Snapdragon
800 processor, 2 GB of RAM, an Adreno 330 graphics processor, a
4.7-inch LCD with 1280-by-720 resolution, a 13-megapixel rear-facing
camera with a f/2.0 aperture and optical image stabilization, a 2.1
megapixel front-facing camera, stereo speakers, and a battery that
offers up to 22 hours of talk time or 11 hours of video playback. As
with Amazon’s Kindle Fire tablets, it runs Fire OS, a customized
version of the Android operating system.
Both the front- and rear-facing cameras capture 1080p video at 30
frames per second. The cameras also feature intelligent HDR, which
suggests when to turn the feature on. There are also settings to
take panoramic shots, burst shots, and even a lenticular mode to
take 3D pictures.
The Fire Phone’s flashiest feature is Dynamic Perspective, which
takes advantage of four front-facing sensors to track your face,
making it possible to display everything in 3D. You’ll be able to
tilt and swivel the phone to access menus, peek around maps, and
access other features. Amazon claims that you will be able to scroll
through Web pages and other content without touching the screen.
Another impressive (or depressing, if you worry about local
retailers) feature is Firefly, which uses the camera to identify bar
codes, movies, TV shows, and music, and lets you purchase associated
items instantly from Amazon. Firefly is activated by a dedicated
physical button on the Fire Phone, making shopping with Amazon even
easier than it was with separate Amazon apps before — publishing
veteran Joe Wikert believes Firefly will become increasingly
important to the content industry. In addition to shopping, Firefly
also recognizes email addresses, Web URLs, and phone numbers, and
lets you take a variety of actions based on the recognized text.
Novices, or anyone who has trouble with technology, will appreciate
Mayday, which was originally seen in the Kindle Fire HDX tablet.
Press the Mayday button and in less than 15 seconds, you’ll be in a
video chat with an Amazon expert who can show you how to use the
phone via remote control. Anecdotal reviews have given high marks to
Mayday on the Kindle Fire HDX.
The Fire Phone also includes a set of earbuds, which look similar to
Apple’s EarPods, including an inline remote. But Amazon’s earbuds
are unique in that they feature a flat, tangle-resistant cable, and
the buds themselves are magnetic, so they stick together while
stashed away, also preventing tangles.
Amazon’s Fire Phone boasts some notable technology and will likely
benefit from Amazon’s promotion, but it doesn’t break significant
new ground. Like the Kindle and the Fire TV, one of the Fire Phone’s
primary design objectives is to make it ever easier to buy content
and products from Amazon (for our review of the Fire TV, see “Fire
Watch with Me: Amazon Fire TV vs. Apple TV,” 13 May 2014).
This shouldn’t be surprising: Amazon’s goal is to enmesh you in
their purchasing ecosystem, just as Apple’s is to entice you to
spend all your time and money on Apple products and associated
content, and Google’s is to encourage usage of services that will
increase views of highly targeted ads.
----
read/post comments:
tweet this article:
“Take Control of Your Apple Wi-Fi Network” Answers Wi-Fi Questions
------------------------------------------------------------------
by Adam C. Engst: , @adamengst
article link:
2 comments
Some things improve with age, and while old Wi-Fi networks don’t
fall into that category, Glenn Fleishman’s documentation of
everything related to Apple’s AirPort base stations and Wi-Fi
networking continues to get better. Over the past decade, Glenn’s
“Take Control of Your ____ AirPort Network” books have consistently
ranked among our most popular titles for a good reason — they’re the
essential resources that the Apple community relies on for help with
Wi-Fi networks.
To keep up with Apple’s changes, we’ve just published “Take Control
of Your Apple Wi-Fi Network,” a new title that focuses on the latest
tools and technologies for wireless networking, such as AirPort
Utility 6 for Mac and AirPort Utility for iOS, plus Apple’s 802.11ac
base stations. In this 196-page book, Glenn helps you swap in new
gear for better performance, extend your network’s range with
multiple base stations, add USB drives and shared printers, enable
security options and guest networking, maximize throughput, and
solve pesky problems. It costs $20 and is available for immediate
download.
“Take Control of Your Apple Wi-Fi Network” will show you how to do
the following, among much else:
* Efficiently swap a new base station in place of an old one.
* Extend your network’s range by connecting base stations with
Ethernet and/or Wi-Fi.
* Easily put visitors on the Internet with a guest network.
* Print wirelessly to a Wi-Fi- or USB-connected printer.
* Attach a USB drive to a Time Capsule or AirPort Extreme, and set up
user access.
* Back up to a Time Capsule, and work with its internal drive.
* Pipe music through an AirPort Express-connected stereo.
* Discover what the icon on your Wi-Fi menu means.
* Find out what the colored light on your base station is trying to
tell you.
* Avoid annoying interference problems.
* Deal with a base station that can’t be found on the network.
Why the new title? Now that Apple is making 802.11ac base stations,
we needed a new title that didn’t explicitly reference 802.11n,
hence “Take Control of Your Apple Wi-Fi Network” replacing the
previous “Take Control of Your 802.11n AirPort Network.” We didn’t
call it “Take Control of Your AirPort Network” because Glenn’s first
Wi-Fi networking ebook used that title back in 2004, and because
Apple seems to be deprecating the AirPort name within OS X and iOS.
----
read/post comments:
tweet this article:
DealBITS Discount: Save 70% on Live Interior 3D
-----------------------------------------------
by Adam C. Engst: , @adamengst
article link:
Congratulations to Paul Brown at gmail.com, Bruce Morris at
telusplanet.net, Eric Smith at verizon.net, Greg Searle at
optusnet.com.au, Edwin Bantilan at aol.com, John Ingham at
wildblue.net, jscramton at Excite, Marc Rhodes at mac.com, Terry
McCain at tds.net, and Egil Stenseth at gmail.com, whose entries
were chosen randomly in the last DealBITS drawing and who each
received a copy of BeLight Software’s interior design app Live
Interior 3D, worth $49.99. We presume they will all be reorganizing
their living rooms this week.
Don’t fret if you want to test virtual furniture placements (or
contemplate what it would be like to take out that wall between the
kitchen and the dining room), since BeLight Software is offering all
TidBITS readers a whopping 70 percent discount off Live Interior 3D
through 26 June 2014. To take advantage of this offer, which drops
the $49.99 list price to $14.99, use this link to purchase from the
Mac App Store. Thanks to the 331 people who entered this DealBITS
drawing, and good luck in future drawings!
----
read/post comments:
tweet this article:
Chapter 6 of “Take Control of OS X Server” Now Available
--------------------------------------------------------
by Adam C. Engst: , @adamengst
article link:
I’ll be honest — one of the reasons we approached Charles Edge about
writing “Take Control of OS X Server” was that I wanted to improve
our internal file sharing system. We’d been using Mac OS X’s
built-in personal file sharing for years, and while it worked, we
occasionally ran into irritating permissions problems (where I
couldn’t work with a folder Tonya created, for instance, without
twiddling permissions on the server drive). In Chapter 6, “File
Sharing,” Charles explains how to turn on file sharing, which
protocols to enable, and how to customize permissions. It’s not
hard, but you want to do it right to avoid exposing sensitive
information to the wrong people.
Happily, now that we’ve created a group for our respective network
users, shared the external hard drive that contains the necessary
files, and assigned appropriate permissions, file sharing just
works, with no annoying permissions lockouts.
Well, there is one thing that still doesn’t work well, but it’s
unrelated to OS X Server for the moment — what we really want is a
coherent method of sharing music ripped from our CD collection so we
can each play it from the server without having to waste 54 GB of
space on our relatively small SSDs. Michael Cohen and I wrote about
this almost four years ago in “In Search of the iTunes Media Server”
(14 October 2010) and the situation hasn’t improved at all since
then. If Apple could build media serving into a future version of OS
X Server, its $19.99 price would become a no-brainer for many of us.
As in the past, we encourage everyone to read Chapter 1,
“Introducing OS X Server” and Chapter 2, “Choosing Server Hardware,”
to see where the book will be going, but Chapter 3, “Preparation and
Installation,” Chapter 4, “Directory Services,” and Chapter 5, “DNS
Service,” are available only to TidBITS members. If you have already
joined the TidBITS membership program, log in to the TidBITS site
using the email address from which you joined. The full ebook of
“Take Control of OS X Server” will be available for purchase by
everyone in PDF, EPUB, and Mobipocket (Kindle) formats once it’s
complete.
Publishing this book in its entirety for TidBITS members as it’s
being written is just one of the ways we thank TidBITS members for
their support. We hope it encourages those of you who have been
reading TidBITS for free for years to help us continue to bring you
more of the professionally written and edited articles you’ve become
accustomed to each week. For more details on what the membership
program means to us, see “Support TidBITS in 2014 via the TidBITS
Membership Program” (9 December 2013).
----
read/post comments:
tweet this article:
New Dutch and Japanese Translators Wanted!
------------------------------------------
by Adam C. Engst: , @adamengst
article link:
Many people don’t realize this, but TidBITS is translated each week
into both Dutch and Japanese, thanks to the efforts of close-knit
groups of volunteer translators who have been working together for
years. But as with any volunteer effort, new blood is occasionally
necessary, and the coordinators of both translations have asked me
to put the word out for new members.
So, if you’re bilingual in English and either Dutch or Japanese (all
three are not required, as impressive as that would be!), we can use
your help. Both our Dutch and Japanese translation teams are running
slightly short-handed and could use a few more volunteers to spread
out the effort. In essence, you’d work with the other members of the
teams to help translate TidBITS from English into either Dutch or
Japanese for the thousands of people who read TidBITS in those
languages.
You can read more about what’s involved with both the Dutch
translation and the Japanese translation at their respective pages.
Thanks for any help you can provide, and note that as a token of our
appreciation, translators receive all Take Control ebooks for free.
----
read/post comments:
tweet this article:
Solving the iTunes Extras Streaming Conundrum
---------------------------------------------
by Agen G. N. Schmitz:
article link:
2 comments
My family and I love our Apple TV. We cut the cable cord long ago,
making the Apple TV is our entertainment hub, with access to Netflix
streaming plus the occasional movie rental from the iTunes Store.
However, I’ve been loath to buy movies from the iTunes Store due to
my biggest frustration with the Apple TV — the inability to stream
iTunes Extras from purchased movies.
For those not versed in iTunes Extras (or who may have forgotten
about them), these added goodies can include behind-the-scenes
documentaries, deleted scenes, movie stills, and more. Many of these
bonus features are replicated from a movie’s DVD/Blu-ray release,
and the iTunes Extras interface even resembles a disc’s menu scheme.
Despite selling over 20 million Apple TV units and generating over
$1 billion in revenue from content (see “Apple Posts Record Q2 2014
Revenues Despite Slipping iPad Sales,” 23 April 2014), Apple hasn’t
seen fit to add support for a prominent feature advertised in the
iTunes Store to the Apple TV. Instead, the only way to watch iTunes
Extras is via iTunes on a Mac (or PC).
I had put iTunes Extras out of my mind, instead purchasing disc
versions of movies with intriguing bonus features. But then “The
Lego Movie” — the seminal film of my seven-year-old’s young life —
showed up in the iTunes Store this week, almost a month ahead of its
DVD and Blu-ray distribution, with some delectable iTunes Extras
(the “Michelangelo and Lincoln: History Cops” bonus short was just
one to pique my curiosity). I was tempted, but was there a solution
to the iTunes Extras streaming conundrum?
**A Brief History of iTunes Extras** -- iTunes Extras debuted in 2009
along with iTunes LP albums, and they were playable on the original
silver Apple TV (as noted by Jeff Carlson in “Apple TV 3.0 Adds
Focus on Your Content,” 30 October 2009). However, the subsequent
releases of the second and third generations of the Apple TV dropped
support for iTunes Extras. This was most likely due to the switch
away from the hard drive-based first-generation (up to 160 GB) to
the streaming-focused second- and third-generation Apple TV models
with only 8 GB of flash memory (according to this iFixit teardown).
**The AirPlay Workaround** -- There is one Apple-approved method of
streaming video from a Mac to an Apple TV that works decently —
AirPlay. Start playing a video in iTunes, then click the AirPlay
icon near the top of the iTunes window and select Apple TV from the
popover. (You can also make this selection from the AirPlay icon in
the play bar.) iTunes acknowledges that it is now sending video to
your Apple TV by turning the icon blue and darkening the window with
the name of your Apple TV. (This is a strategy I’ve known about for
some time, and Josh Centers explains this method and several other
AirPlay tricks in his indispensable book, “Take Control of Apple
TV.”)
The only problem with this scenario is that our Mac is nowhere near
our television, so I would have to make the trek upstairs to my
office to start the movie (then pause it and return to the living
room), or use a VNC app on an iOS device (such as Screens) to
control my Mac remotely.
I wanted to find a solution that would be easy enough for the entire
family to handle (remember, this is all in the service of making my
Lego-loving seven-year-old happy… really!), one that could be
accessed using the Apple TV remote.
**Unpacking iTunes Extras** -- To get to the heart of the matter, I
needed to see how the iTunes Extras files manifested themselves on
my hard drive. After Control-clicking a movie in iTunes and choosing
Show in Finder from the contextual menu, I found that a video with
iTunes Extras has two files — its main movie file (.m4v) and an
iTunes Extras file (.ite). After some investigation of the .ite file
type, I concluded the solution would be easy.
Control-clicking the .ite file offers you the Show Package Contents
option in the contextual menu. After choosing that, the iTunes
Extras file displays as a folder, where the various and sundry
media, CSS, and data files that make up the iTunes Extras experience
are bundled together. Open the Videos sub-folder and copy the
enclosed .m4v video files (using Option-drag) to your desktop. Then,
drag those .m4v files into iTunes and they’re ready to either watch
on your Mac or stream to your Apple TV.
Instead of performing this copying-to-desktop-then-dragging-to-iTunes
dance, you would think you could drag the files directly from the
Videos sub-folder into iTunes. However, I don’t recommend this, as
it removes them completely from the .ite package. If you were to
later access the iTunes Extras interface on your Mac and clicked a
link to one of these videos, no video would play because the source
file had been removed. Frustratingly, this anomaly occurs even if
you’ve selected “Copy files to iTunes Media folder when adding to
library” in iTunes > Preferences > Advanced, and even if you
Option-drag the files from the .ite package.
After dragging your files into iTunes, they appear in iTunes under
the Home Videos view in Movies as plain video files with
alphanumeric titles that are less than helpful (such as
LM_883316986851_02MichelangeloAndLincoln.m4v), so you might want to
change their titles in the Get Info window (choose File > Get Info
or press Command-I). Also, in the Get Info window’s Options view,
click the Media Kind pop-up menu to switch the video’s designation
from Home Video to Movie (to ensure they’ll show up in Movies on
your Apple TV rather than Home Videos, if that’s important to you).
That’s it!
Streaming iTunes Extras to your Apple TV isn’t painful, but it still
requires a process, one that takes a few moments to complete and
doesn’t have to exist at all. (A clever person with Automator or
AppleScript skills might be able to write a workflow to make this
process less onerous. If you come up with one, let us know!)
If Tim Cook is true to his word that the Apple TV is no longer a
hobby, then Apple should provide this now-mature business with all
the features the company promises when you make a purchase in the
iTunes Store.
----
read/post comments:
tweet this article:
Yahoo and AOL Damage Mailing Lists and Email Forwarding
-------------------------------------------------------
by Adam C. Engst: , @adamengst
article link:
6 comments
I recently received an email message from Cornell Alumni Affairs,
warning of deliverability problems related to alumni email
forwarding and participation in Cornell mailing lists. Since I’ve
recently spent quite a bit of time learning about SPF, DKIM, DMARC,
and other email deliverability technologies for TidBITS and Take
Control, this piqued my interest. Some additional investigation
showed that the problem extends far beyond Cornell, and is currently
affecting any organization that relies on email forwarding, plus any
mailing list with Yahoo or AOL subscribers.
Unfortunately, apart from users switching away from Yahoo and AOL,
there’s not much that can be done about it.
First, to explain all this, we need to untangle the alphabet soup of
technologies I blithely splashed into the above paragraph, all of
which are designed to reduce the ability of spammers to spoof email
to make it look like it comes from a legitimate sender.
* SPF stands for Sender Policy Framework and enables the owner of an
Internet domain, like tidbits.com, to specify which computers are
allowed to send email containing sender addresses in that domain. A
mail server receiving email from a sender claiming to be
foobar@tidbits.com does a DNS lookup on tidbits.com, checking a
special TXT record to see if the sender’s mail server is allowed to
send email on behalf of tidbits.com. You can think of SPF working at
the envelope level, and it’s an Internet Engineering Task Force
standard (RFC 7208).
* DKIM stands for DomainKeys Identified Mail, and is also an IETF
standard (RFC 6376). Whereas SPF looks at the envelope to verify
that a message is being sent from an approved source, DKIM goes one
step deeper, associating a domain name with an actual email message,
via public key cryptography. First, the sending mail server uses a
private key to sign the contents of each outgoing message using a
DKIM-Signature header. Second, the receiving mail server does a DNS
lookup on the domain name specified in the DKIM-Signature header to
find another special TXT record that contains the associated public
key; the receiving mail server can then use the public key to verify
that the message hasn’t changed since it was signed.
* DMARC, or Domain-based Message Authentication, Reporting, and
Conformance, is an email authentication method that builds on SPF
and DKIM. Again implemented in DNS, a DMARC policy lets a sending
organization specify that its messages use SPF and/or DKIM, and what
should happen to messages for which the domain in the header’s From
line fails to match (is not in “alignment” with) the domains
specified by SPF and DKIM. There are three options: do nothing
(“none”), flag the message as suspicious (“quarantine”), or bounce
the message (“reject”). Although DMARC is used by numerous major
email providers in various ways, it is not an IETF standard.
A key reason DMARC exists is that the ways SPF and DKIM enable the
sender to specify what should be done with failed messages are
generally unused. In SPF, each receiving mail server has to
determine what to do with results such as “none,” “neutral,” “pass,”
“fail,” and “softfail.” Although “fail” was intended to equate to
rejection, few senders set that, due to the high number of false
positives. The DKIM specification is even more explicit about how
its results should (not) be used:
In general, modules that consume DKIM verification output
SHOULD NOT determine message acceptability based solely on a
lack of any signature or on an unverifiable signature; such
rejection would cause severe interoperability problems.
(There is a little-used extension to DKIM called ADSP (Author Domain
Signing Practices, RFC 5617), which was the predecessor to DMARC and
offers advice from the sender when the From header doesn’t match the
domain in the DKIM signature. It was quickly identified as having
the same problems that now afflict DMARC; hence its minimal usage.)
So DMARC enables a sender to tell receiving mail servers what to do
with messages whose SPF- and DKIM-advertised domains don’t match the
domain in the From line. That’s ideal for companies like PayPal,
which send vast quantities of transactional email, are constantly
spoofed as part of phishing attacks, and don’t have (many)
individual users. PayPal has published a DMARC policy of “reject”
for over a year with no one noticing. However, until recently, large
email providers have stuck with a DMARC policy of “none,” which lets
messages be delivered normally. You can check the DMARC policy for
any domain at the DMARC Inspector — look at the “p=” tag.
In April 2014, Yahoo dropped a bomb on the email world by quietly
changing its DMARC policy to “reject,” and AOL followed suit shortly
after, though at least with a press release acknowledging the
change. This had the effect of causing receiving mail servers to
bounce messages that failed SPF and DKIM, generating two classes of
problems:
* **Email Forwarding:** Let’s say you have a cornell.edu alumni
address, which forwards to a Gmail address. Someone from Yahoo or
AOL sends you a message, which uses both SPF and DKIM. Receiving it
at cornell.edu works fine, because SPF, DKIM, and DMARC alignment
all pass at that point, but when Cornell’s mail server forwards the
message, it rewrites headers such that, when Gmail examines the new
incoming message, it fails SPF, DKIM, and DMARC alignment. Because
Yahoo and AOL both have DMARC policies saying that failed messages
should be rejected, Gmail bounces the message.
* **Mailing Lists:** Now let’s say you use Yahoo or AOL and are a
member of a discussion-based mailing list. When you post to the
list, the list server receives the message and packages it for
distribution to the list, changing a variety of headers and possibly
adding a signature to the body in the process. Those changes cause
the repackaged message to fail SPF, DKIM, and, most important, DMARC
alignment, so it won’t be received by any list recipients at Yahoo,
AOL, Gmail, Outlook.com, or other any other email provider that
honors DMARC policies, again because of how Yahoo and AOL set their
DMARC policies to require that failed messages be rejected.
There’s even more fallout on mailing lists. Depending on how things
are configured, if Gmail bounces a received mailing list message
sent by a Yahoo user, that bounce will likely go back to the mailing
list server and be recorded against the Gmail user, potentially
causing that user to be removed from the list. So Yahoo and AOL
users can get other list members bounced, purely by posting.
Needless to say, as email and mailing list administrators have
figured out what is going on, this change has caused significant
consternation. The IETF discussion list has been dominated by
DMARC-related discussions for months.
Why did Yahoo and AOL make such a sweeping change? Speculation is
that both had suffered significant security breaches that allowed
bad guys to steal user information, including address books. They
then used that information to create spam to these users’ contacts,
forging the users’ return addresses. Since that spam was being sent
by botnets, nothing short of this DMARC change could stop it. In
short, Yahoo and AOL are cleaning up their mistakes by damaging
every mail forwarding service and mailing list on the Internet.
What can be done about this situation? Although email boffin John
Levine has compiled a list of things mailing list developers and
administrators can do, none are trivial and all have side effects.
At the user level, there’s simply nothing that can be done, other
than those who use Yahoo and AOL voting with their feet and
switching to less-draconian free email providers like iCloud, Gmail,
and Outlook.com. Or, if you want to pay an email provider to ensure
that they’re working for you, TidBITS staffers have used FastMail
and easyDNS’s easyMail service (which comes with domain hosting)
without experiencing these problems.
As an aside, although iCloud doesn’t appear to be involved with
these DMARC-related problems, beware of iCloud’s spam filtering. In
the most recent case, Doug Adams, who has contributed hugely to the
Apple community through his Doug’s AppleScripts for iTunes site,
found that for three weeks his messages weren’t being received by
iCloud users because Apple was silently deleting all messages that
contained the string “dougscripts”. Since his domain is
dougscripts.com, that pretty much put the kibosh on all his
iCloud-related email. After complaining to AppleCare and having the
problem escalated to a Mac Advisor, and then to Engineering, and
then to the Spam Team, the problem finally disappeared, without
further explanation. It’s astonishing that, in 2014, Apple is still
doing simple string-based filtering and silent deletion of offending
messages.
What I’d like you to take away from this article, apart from just
understanding the Internet a bit better, is that there’s a lot of
effort that goes on behind the scenes to make sure even the most
basic of Internet technologies work in the face of competing forces.
Email may seem simple, but it’s also far more subtle than most
people realize.
----
read/post comments:
tweet this article:
FunBITS: SimCity 4 Returns to the Mac
-------------------------------------
by Josh Centers: , @jcenters
article link:
Who doesn’t love SimCity? Since the launch of the original game in
1989, it has become a mainstay in places where games often are
unwelcome, like schools. Even Adam and Tonya Engst, who are
emphatically not gamers, loved SimCity back in college. The game
kept evolving over the years, with SimCity 2000 and SimCity 3000
adding ever more complexity, culminating with SimCity 4, released in
2003. Electronic Arts (EA) tried to reboot the series in 2013, but
with dumbed-down gameplay, and the requirement of an online
connection, which overwhelmed EA’s servers, making the game
unplayable for many.
Thankfully, Aspyr Media, champions of Mac gaming, have retooled and
updated SimCity 4: Deluxe Edition, bringing it to the Mac in all its
glory. It’s available from the Mac App Store for $19.99 (on sale for
$9.99), is a 1.14 GB download, and requires OS X 10.8.5 Mountain
Lion or later.
This isn’t Aspyr’s first crack at porting SimCity 4 to the Mac. The
company brought it over in 2003, but coded for PowerPC-based Macs.
Even after several updates, the game never worked well on the
subsequent Intel-based Macs, and Aspyr gave up in 2007.
Fortunately, Aspyr rebuilt this version from the ground up for
modern Intel-based Macs, including support for native screen
resolutions. The original game was designed for common resolutions
of a decade ago, and thus looked terrible on most of today’s
displays. However, the new version runs perfectly at 2560-by-1440 on
my 27-inch Dell monitor, and is gorgeous. One thing I hope to see in
the future is better support for trackpad gestures, like
pinch-to-zoom, because otherwise the game treats trackpads like an
old-fashioned mouse.
Why would you want to play an 11-year-old game in the first place?
SimCity 4 was too far ahead of its time when Maxis released it in
2003. It required resources that just didn’t exist then, and even my
2008-era powerhouse gaming PC had trouble running it. Now, in 2014,
we finally have the hardware necessary to run the game smoothly.
If you’ve never played SimCity, much less its fourth incarnation,
you may wonder what you do in the game or why it’s so demanding.
Simply put, you build cities. You shouldn’t really think of SimCity
as a game, because it’s not. It’s a city simulator that attempts to
simulate nearly every variable involved in running a major
metropolis.
There are no win or loss conditions, no achievements, no final boss
battles. SimCity is the modern equivalent of crafting a ship in a
glass bottle: you build it merely for the satisfaction of building
it and to answer your own questions about why certain aspects of
cities do or do not work well.
You can start with a number of pre-built tutorial cities (and if
you’re new, you should, as they offer some guidance in the basics of
running a city), or you can start with a bare chunk of land that you
can shape to your heart’s content. You can plant trees, raise and
lower the land to create mountains and valleys, add bodies of water,
and even spawn wildlife. The game also includes empty regions based
on real cities, like New York, San Francisco, and London.
You start the game in God Mode, during which you can shape the land
for free, but once you decide to begin building your city, you enter
Mayor Mode, in which any modifications to the landscape require
costly construction.
In Mayor Mode, you name your city, zone areas, build roads, and lay
out utilities. This is the meat of the game. The first order of
business involves building something sim-people actually want to
move to, which requires residential zoning (they need places to
live), roads, electricity, schools, commercial zoning, and
agricultural or industrial zoning (they also need places to work).
From there, it’s all about how you want to shape your city. You can
add all sorts of extras, like police stations to control crime, fire
stations to keep fires from spreading, and niceties that will make
your sims happier, like parks and landmarks. But everything you
build has costs for both creation and regular maintenance.
Managing your city’s finances is one of the harder aspects of Sim
City 4. There are two factors that play into how much income you
have to work with: population size and tax rates. The more sims who
move to your city, the larger the tax pool, and you can keep them
coming by satisfying their basic needs. To help with that, there’s a
handy RCI (Residential, Commercial, Industrial) chart that show
which type of zones are in demand. For instance, if demand for
residential areas is down and demand for agricultural zones is high,
that means your sims need jobs, and the residential demand won’t
increase until you build more agricultural areas to provide those
jobs.
Besides population, you have complete control over taxation, which
also affects population. You can set tax rates based on each type of
zone, like Low Wealth Residential, High Wealth Residential,
Agricultural, and Manufacturing Industry. To maximize income, you
have to find the right balance between tax rates so that you’re
extracting the most revenue without driving people out.
Playing with these variables lets you experiment with social
planning. For instance, later in the game, it can be tempting to
lower taxes on the wealthy and raise them for the poor, in order to
gentrify your city and bring in more income. Such a strategy may
make sense on paper, however morally reprehensible it is, and it’s
easy to see how elected leaders come to such decisions. It’s a
perfect thing to try in SimCity, where the results don’t affect real
people.
You also have a panel of advisors that can tell you the best course
of action on finances and other problems that will plague your city,
such as school overcrowding, pollution, and crime.
If you get bored with your city, you can plague it with disasters
for fun and destruction. You can summon a tornado, an earthquake,
lightning, fire, an alien invasion, or even a giant robot dinosaur.
The included “Rush Hour” expansion provides another distraction —
U-Drive-It, which lets you take control of vehicles around the city,
including police cars and fire trucks. Frankly, this mode falls flat
for me. The controls are weird, it doesn’t fit with the rest of the
game, and I find it boring. Luckily, it’s easily ignored, so it
doesn’t detract from an otherwise great game.
SimCity 4 is one of the best games of all time, and Aspyr has done a
great job of bringing it back to the Mac. Unlike most games, it’s a
way to stretch your creativity and critical thinking. It offers
unlimited hours of play, and gives insight into real-world politics
and urban planning. If you’ve been missing SimCity, or somehow have
never played, this is a great time to try it.
----
read/post comments:
tweet this article:
TidBITS Watchlist: Notable Software Updates for 23 June 2014
------------------------------------------------------------
by TidBITS Staff:
article link:
**LaunchBar 6.0.1** -- Objective Development has issued LaunchBar
6.0.1, the first maintenance release following its recent major
upgrade to version 6.0 (see “LaunchBar 6 Adds Themes, Instant
Feedback, and More,” 11 June 2014). The keyboard-based launcher and
shortcut utility adds several new text transformation actions
(including case conversions, line sorting, and removal of multiple
spaces), new icons for many built-in actions, a shortcut to sort
folder contents by Date Added, and an indexing option that enables
you to index only bookmarks from Safari’s Favorites Bar. The release
also improves live results when searching plain text files, extends
Clipboard History capacity, improves theme switching, fixes some
bugs, and brings back missing localizations. ($29 new with a 20
percent discount for TidBITS members, free update, 10 MB, release
notes, 10.9+)
Read/post comments about LaunchBar 6.0.1.
**Carbon Copy Cloner 3.5.5** -- Bombich Software has released Carbon
Copy Cloner 3.5.5 with a couple of new proactive features related to
hard drive errors. The bootable backup utility will now abort a
backup task within five minutes if a defective hard drive is hanging
and then collect extensive diagnostics information, as well as
report physical read and write errors before starting a task to give
you the opportunity to abort the backup. The update also improves
progress indication in situations where the first folder encountered
has many items, improves the performance of saving multiple
scheduled tasks, and fixes a bug that prevented idle sleep after
displaying the “Task finished” panel for a scheduled task. ($39.95
new, free update, 10.8 MB, release notes, 10.6+)
Read/post comments about Carbon Copy Cloner 3.5.5.
**OmniFocus 2.0.1** -- Following the recent major update to its
GTD-inspired task management utility, The Omni Group has released
OmniFocus 2.0.1 with a number of bug fixes. (To catch up on all the
changes in OmniFocus, be sure to read Josh Centers’s review:
“OmniFocus 2 for Mac Brings a Fresh Look to GTD,” 22 May 2014.) The
update improves interaction with the keychain when multiple Omni
Sync Server account credentials have been stored; fixes an issue
with the Send to Inbox service in the Standard edition that
prevented clipping from Mail, Safari, OmniWeb, Chrome, and the
Finder; makes the note in the Inspector editable for sidebar
selections; ensures that a relaunch isn’t required to use
AppleScript after upgrading to the Pro edition; and fixes a
potential crash related to using Undo/Redo with certain custom
Perspectives. ($39.99 new for Standard edition and $79.99 for Pro
edition from The Omni Group Web site, $39.99 for Standard edition
from Mac App Store (with in-app purchase option to upgrade to Pro),
free update for version 2.0 licenses, 44.2 MB, release notes,
10.9.2+)
Read/post comments about OmniFocus 2.0.1.
**Typinator 6.0** -- Ergonis has released Typinator 6.0, a major
update to its text expansion tool with over 50 new features and
improvements. The biggest addition is the capability to create
expansions based on regular expressions for replacements based on
flexible patterns, which includes correction of “DOuble CAps”
instances, inline calculations, automatic capitalization at the
beginning of sentences, and predefined “Date Steps” for generating
dates that can increment or decrement by day or week. The release
also adds support for HTML-formatted expansions for email clients
that support HTML mail, built-in functions for string processing in
expansions (such as case conversions, extraction of fragments,
etc.), new import file types for replacing the contents of existing
sets, and improved relevance ranking for suggestions. Typinator 6.0
gets a redesigned user interface with a new window layout, plus it
enables you to resize the expansion area, shortens the menu with a
clearer structure, and displays sets and rules side by side to make
it easier to move rules.
Typinator 6.0 requires Mac OS X 10.5.8 Leopard or later, but you
need to be running 10.7 Lion or later in order to use regular
expressions. It’s also fully compatible with 10.9 Mavericks. If you
purchased a license for Typinator 5 on or after 1 October 2013, you
can upgrade to version 6.0 for free. For purchases made before that
date, you can upgrade to Typinator 6.0 for €12.99 (single license).
(€24.99 new with a 25 percent discount for TidBITS members, 7.2 MB,
release notes)
Read/post comments about Typinator 6.0.
ExtraBITS for 23 June 2014
--------------------------
by TidBITS Staff:
article link:
This week in ExtraBITS, we ponder the Apple TV as the hub of your
connected home, the U.S. Supreme Court deals a blow software
patents, we learn that OS X Yosemite’s Handoff feature will require
Bluetooth 4.0, your Synology NAS device might be mining someone
else’s Dogecoin, YouTube gets tough on indie music labels, and Apple
settles with states and consumers over ebook price fixing.
**The Apple TV as HomeKit’s Hub** -- HomeKit in iOS 8 promises to
unify all of your connected home devices, but how would you control
them while away from home? Christopher Breen of Macworld suggests
that the Apple TV might be the home gateway to HomeKit, with an
upgraded model serving as a smart hub for home automation.
Read/post comments
**U.S. Supreme Court Deals a Blow to Software Patents** -- In a
unanimous decision, the U.S. Supreme Court has declared that
“abstract ideas” are not patentable. While this decision doesn’t
completely eliminate software patents, it does require that such
patents rely on “concrete improvements or new designs, not an
aggregation of existing steps.”
Read/post comments
**OS X Yosemite’s Handoff Will Require Bluetooth 4.0** -- Handoff will
be one of the coolest features of OS X Yosemite and iOS 8, letting
you seamlessly transition between workflows on the two platforms,
but unfortunately for owners of older Macs, it will require
Bluetooth 4.0, which excludes Macs built before 2011, and even many
built later. Peter Cohen of iMore explains how to check which
version of Bluetooth your Mac has. If your Mac isn’t compatible with
Handoff, a USB dongle that provides Bluetooth 4.0 may enable Handoff
by Yosemite’s release.
Read/post comments
**Synology NAS Devices Hacked to Mine Dogecoin** -- If you own a
Synology NAS device and haven’t updated recently, you should.
Attackers are taking advantage of an older vulnerability (patched in
February 2014) to mine the Dogecoin virtual currency (an offshoot of
Bitcoin that originally began as a joke). One German attacker
managed to mine over $600,000 of Dogecoin from Synology boxes. It’s
yet another reason why you shouldn’t enable remote administration on
your devices unless absolutely necessary.
Read/post comments
**YouTube Playing Hardball with Indie Labels** -- Google-owned YouTube
is preparing to launch a music subscription service, and it’s
threatening to yank existing music videos from labels that don’t
join. YouTube argues that it cannot allow music to exist on its free
tier that isn’t also available on its paid service. Affected artists
would include Adele, Arctic Monkeys, and Vampire Weekend.
Read/post comments
**Apple Settles with States and Customers over Ebooks** -- Apple has
settled with U.S. attorneys general and customers over conspiring
with publishers to fix ebook prices, avoiding a trial that could
have cost the company up to $840 million in claims. Meanwhile, Apple
is still appealing the September 2013 ruling of U.S. District Court
Judge Denise Cote that placed a number of restrictions on the way
Apple sells ebooks.
Read/post comments
$$
This is TidBITS, a free weekly technology newsletter providing timely
news, insightful analysis, and in-depth reviews to the Apple
Internet community. Feel free to forward to friends; better still,
please ask them to subscribe!
Non-profit, non-commercial publications and Web sites may reprint or
link to articles if full credit is given. Others please contact us. We
do not guarantee accuracy of articles. Caveat lector. Publication,
product, and company names may be registered trademarks of their
companies. TidBITS ISSN 1090-7017.
Copyright 2014 TidBITS: Reuse governed by Creative Commons license.
Contact us at:
License terms:
Full text search:
Subscriptions:
Account help: